ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
83962ff116
TenantAtlas/config/tenantpilot.php

222 lines
7.7 KiB
PHP
Raw Blame History

<?php
return [
'supported_policy_types' => [
[
'type' => 'deviceConfiguration',
'label' => 'Device Configuration',
'category' => 'Configuration',
'platform' => 'all',
'endpoint' => 'deviceManagement/deviceConfigurations',
'filter' => "not isof('microsoft.graph.windowsUpdateForBusinessConfiguration')",
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'groupPolicyConfiguration',
'label' => 'Administrative Templates',
'category' => 'Configuration',
'platform' => 'windows',
'endpoint' => 'deviceManagement/groupPolicyConfigurations',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'settingsCatalogPolicy',
'label' => 'Settings Catalog Policy',
'category' => 'Configuration',
'platform' => 'windows',
'endpoint' => 'deviceManagement/configurationPolicies',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'windowsUpdateRing',
'label' => 'Software Update Ring',
'category' => 'Update Management',
'platform' => 'windows',
'endpoint' => 'deviceManagement/deviceConfigurations',
'filter' => "isof('microsoft.graph.windowsUpdateForBusinessConfiguration')",
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium-high',
],
[
'type' => 'windowsFeatureUpdateProfile',
'label' => 'Feature Updates (Windows)',
'category' => 'Update Management',
'platform' => 'windows',
'endpoint' => 'deviceManagement/windowsFeatureUpdateProfiles',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'high',
],
[
'type' => 'windowsQualityUpdateProfile',
'label' => 'Quality Updates (Windows)',
'category' => 'Update Management',
'platform' => 'windows',
'endpoint' => 'deviceManagement/windowsQualityUpdateProfiles',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'high',
],
[
'type' => 'deviceCompliancePolicy',
'label' => 'Device Compliance',
'category' => 'Compliance',
'platform' => 'all',
'endpoint' => 'deviceManagement/deviceCompliancePolicies',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'appProtectionPolicy',
'label' => 'App Protection (MAM)',
'category' => 'Apps/MAM',
'platform' => 'mobile',
'endpoint' => 'deviceAppManagement/managedAppPolicies',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium-high',
],
[
'type' => 'conditionalAccessPolicy',
'label' => 'Conditional Access',
'category' => 'Conditional Access',
'platform' => 'all',
'endpoint' => 'identity/conditionalAccess/policies',
'backup' => 'full',
'restore' => 'preview-only',
'risk' => 'high',
],
[
'type' => 'deviceManagementScript',
'label' => 'PowerShell Scripts',
'category' => 'Scripts',
'platform' => 'windows',
'endpoint' => 'deviceManagement/deviceManagementScripts',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'deviceShellScript',
'label' => 'macOS Shell Scripts',
'category' => 'Scripts',
'platform' => 'macOS',
'endpoint' => 'deviceManagement/deviceShellScripts',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'deviceHealthScript',
'label' => 'Proactive Remediations',
'category' => 'Scripts',
'platform' => 'windows',
'endpoint' => 'deviceManagement/deviceHealthScripts',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'windowsAutopilotDeploymentProfile',
'label' => 'Windows Autopilot Profiles',
'category' => 'Autopilot',
'platform' => 'windows',
'endpoint' => 'deviceManagement/windowsAutopilotDeploymentProfiles',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium-high',
],
[
'type' => 'windowsEnrollmentStatusPage',
'label' => 'Enrollment Status Page (ESP)',
'category' => 'Enrollment',
'platform' => 'all',
'endpoint' => 'deviceManagement/deviceEnrollmentConfigurations',
'filter' => "isof('microsoft.graph.windows10EnrollmentCompletionPageConfiguration')",
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'medium',
],
[
'type' => 'enrollmentRestriction',
'label' => 'Enrollment Restrictions',
'category' => 'Enrollment',
'platform' => 'all',
'endpoint' => 'deviceManagement/deviceEnrollmentConfigurations',
'backup' => 'full',
'restore' => 'preview-only',
'risk' => 'high',
],
[
'type' => 'endpointSecurityIntent',
'label' => 'Endpoint Security Intents',
'category' => 'Endpoint Security',
'platform' => 'windows',
'endpoint' => 'deviceManagement/intents',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'high',
],
[
'type' => 'mobileApp',
'label' => 'Applications (Metadata only)',
'category' => 'Applications',
'platform' => 'all',
'endpoint' => 'deviceAppManagement/mobileApps',
'backup' => 'metadata-only',
'restore' => 'enabled',
'risk' => 'low-medium',
],
],
'foundation_types' => [
[
'type' => 'assignmentFilter',
'label' => 'Assignment Filter',
'category' => 'Foundations',
'platform' => 'all',
'endpoint' => 'deviceManagement/assignmentFilters',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'low',
],
[
'type' => 'roleScopeTag',
'label' => 'Scope Tag',
'category' => 'Foundations',
'platform' => 'all',
'endpoint' => 'deviceManagement/roleScopeTags',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'low',
],
[
'type' => 'notificationMessageTemplate',
'label' => 'Notification Message Template',
'category' => 'Foundations',
'platform' => 'all',
'endpoint' => 'deviceManagement/notificationMessageTemplates',
'backup' => 'full',
'restore' => 'enabled',
'risk' => 'low',
],
],
'features' => [
'conditional_access' => true,
],
'bulk_operations' => [
'chunk_size' => (int) env('TENANTPILOT_BULK_CHUNK_SIZE', 10),
'poll_interval_seconds' => (int) env('TENANTPILOT_BULK_POLL_INTERVAL_SECONDS', 3),
],
];
Reference in New Issue View Git Blame Copy Permalink